Google crawler tricked into performing SQL injection attacks using decade-old technique | Ars Technica.
It is interesting to note that you could be the unfortunate recipient of a DoS attack from Google/Bing/Yahoo simply because someone publishes a page full of links that, when crawled, overload your database and bring your server to its knees. The real lesson here is that you should never build SQL from user-supplied data: validate it and pass it to the database as a bound parameter, not as part of the statement. The secondary lesson is that you should (if you can) limit the rate of requests from search engines, for example with a Crawl-delay directive in your robots.txt file; note that robots.txt is advisory only, Bing and Yahoo honour Crawl-delay while Google ignores it, and no crawler directive will stop a deliberately hostile client (from here):
If your web application does have issues with handling occasional requests (for example one request per second), you can slow down Bing and Yahoo with the following entry in robots.txt:
This will ask crawlers to wait at least 120 seconds between requests. For Google, you can define the delay in the webmaster tools.
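The bug class the crawler story depends on, and its fix, as an added example (this is not code from the Ars article or from the site that was attacked). It uses an in-memory SQLite table constructed here; the table, the column names and the three "crawled" links are made up for the demonstration. The vulnerable lookup concatenates the `id` query parameter into the statement, so a link anyone can publish becomes SQL; the hardened lookup validates the value as an integer and binds it as a parameter. The third link shows the load aspect: a cross join turns one request into many rows, and with a larger table or more joins that is the database overload described above.

```python
# Added example (not from the Ars article): the bug class the crawler story
# relies on, and its fix, against an in-memory SQLite table built here.
import sqlite3
from urllib.parse import parse_qs, urlencode, urlsplit


def make_db():
    """Constructed sample catalogue; names and values are made up."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?)",
                     [(1, "widget"), (2, "gadget"), (3, "gizmo")])
    return conn


def product_id_from_url(url):
    """The 'user-supplied data': the id= query parameter of a crawled link."""
    return parse_qs(urlsplit(url).query).get("id", [""])[0]


def lookup_vulnerable(conn, url):
    """Builds the statement by string concatenation, so whatever a crawler
    fetched becomes part of the SQL."""
    sql = "SELECT id, name FROM products WHERE id = " + product_id_from_url(url)
    return conn.execute(sql).fetchall()


def lookup_hardened(conn, url):
    """Validates the value as an integer and binds it as a parameter; the
    database never sees the input as SQL text."""
    try:
        pid = int(product_id_from_url(url))
    except ValueError:
        return []  # not an id at all: reject rather than pass it through
    return conn.execute("SELECT id, name FROM products WHERE id = ?", (pid,)).fetchall()


# Constructed links of the kind a third party could publish for a crawler to follow.
BENIGN_URL = "https://shop.example/item?" + urlencode({"id": "2"})
DUMP_URL = "https://shop.example/item?" + urlencode({"id": "1 OR 1=1"})
# A cross join of the table with itself: 3 rows become 27. A bigger table or more
# joins turns one crawler request into the database-load problem described above.
LOAD_URL = "https://shop.example/item?" + urlencode(
    {"id": "0 UNION ALL SELECT p1.id, p1.name FROM products p1, products p2, products p3"})


if __name__ == "__main__":
    db = make_db()
    for name, url in (("benign", BENIGN_URL), ("dump", DUMP_URL), ("load", LOAD_URL)):
        print(name, "vulnerable:", len(lookup_vulnerable(db, url)),
              "rows; hardened:", len(lookup_hardened(db, url)), "rows")
```

The hardened version returns an empty result for both hostile links because `int()` rejects them before any SQL runs; where the identifier is legitimately a string, skip the integer check and rely on the bound parameter alone, which is still not interpreted as SQL.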
Microsoft Warns of Zero-Day Attack on Office — Krebs on Security.
The company says this exploit will not affect Office 2013, but will affect older versions such as Office 2003 and Office 2007.
The system load quota of 1000 requests per 2 seconds has been exceeded Archives – Kasper Kristensen.
When you try to open the Exchange Management Console, this error appears:
The attempt to connect to http://sbs2011.domain.local/powershell using Kerberos authentication failed: Connecting to remote server failed with the following error message: The WS-Management service cannot process the request. The system load quota of 1000 requests per 2 seconds has been exceeded. Send future request at a slower rate or raise the system quota. The next request from this user will not be approved for at least 1522693632 milliseconds. For more information see the about_Remote_Troubleshooting
Run iisreset from an elevated command prompt. This restarts IIS, which hosts the PowerShell virtual directory the console connects to, and the console opens normally afterwards.
After reading this we are recommending that anyone with a Netgear router/firewall product check the following URL from outside their network:
If the URL prompts for authentication there is no need for concern. HOWEVER, if it serves the page without asking for credentials, we STRONGLY recommend turning off remote administration of the router until Netgear issues an update, or getting a new (non-Netgear) router/firewall.
Vulnerabilities in some Netgear router and NAS products open door to remote attacks – Techworld.com.
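A small script for the check recommended above, as an added example that is not from the Techworld article or from Netgear: it fetches a URL with no credentials and reports whether the device challenged for a login, served the page outright, or refused the connection. The URL to test is passed in as a parameter; the `_FakeRouter` class is a constructed stand-in (two hypothetical paths, `/protected` and `/open`) that exists only so the probe can be exercised offline and is not a model of any real firmware.

```python
# Added example (not from the linked article): probe a router's remote
# admin URL without credentials and report whether it asked for a login.
import http.server
import threading
import urllib.error
import urllib.request


def classify_admin_url(url, timeout=5):
    """Fetch url with no credentials and say how the device responded.

    'auth-required' : 401 with a WWW-Authenticate challenge (expected)
    'exposed'       : 200 and a page served with no challenge (disable remote admin)
    'closed'        : connection refused / unreachable / timed out
    'other:<code>'  : anything else, worth a manual look
    """
    req = urllib.request.Request(url, headers={"User-Agent": "admin-check/1.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return "exposed" if resp.status == 200 else "other:%d" % resp.status
    except urllib.error.HTTPError as err:  # must precede URLError: it is a subclass
        if err.code == 401 and err.headers.get("WWW-Authenticate"):
            return "auth-required"
        return "other:%d" % err.code
    except (urllib.error.URLError, OSError):  # refused, unreachable, timeout
        return "closed"


class _FakeRouter(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in for a router web UI, used only to exercise the probe:
    /protected challenges for Basic auth, /open serves the admin page to anyone."""

    def do_GET(self):
        if self.path == "/protected":
            self.send_response(401)
            self.send_header("WWW-Authenticate", 'Basic realm="router"')
            self.end_headers()
        else:
            body = b"<html><body>Router administration</body></html>"
            self.send_response(200)
            self.send_header("Content-Type", "text/html")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass


def start_fake_router():
    """Start the stand-in on a random loopback port; returns (server, base_url)."""
    srv = http.server.HTTPServer(("127.0.0.1", 0), _FakeRouter)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, "http://127.0.0.1:%d" % srv.server_address[1]


if __name__ == "__main__":
    srv, base = start_fake_router()
    for path in ("/protected", "/open"):
        print(path, "->", classify_admin_url(base + path))
    srv.shutdown()
    srv.server_close()
    print("/protected after shutdown ->", classify_admin_url(base + "/protected"))
```

Run the probe from a network other than the one the router protects, since remote administration is by definition the interface facing the WAN side; a "closed" result from inside the LAN tells you nothing about exposure from outside.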
The CryptoLocker ransomware is still going strong. Once a computer is infected it encrypts the user's "document" files, selected by file extension, and then gives the victim 72 hours to pay the ransom ($300 USD or 2 BTC). It encrypts not only local files but also any files on mapped shared drives, so it is critical that you are protected: keep backups that are offline or otherwise not writable from user workstations, and limit write access to shares. It is one of the few pieces of ransomware that does encryption *correctly*, so at present, short of paying the ransom, there is no other way to decrypt the files. Bleeping Computer has a good write-up of the malware and what to do:
CryptoLocker Ransomware Information Guide and FAQ.
Howto convert a PFX to a seperate .key/.crt file | MarkBrilman.nl.
# 1. Extract the private key; it is written PEM-encoded and still encrypted (you are asked for the PFX password, then a pass phrase for the new file)
openssl pkcs12 -in «yourfile.pfx» -nocerts -out «keyfile-encrypted.enc»
# 2. Extract only the client (leaf) certificate: no key, and no CA chain (drop -clcerts if you also want the chain)
openssl pkcs12 -in «yourfile.pfx» -clcerts -nokeys -out «certificate.crt»
# 3. Strip the pass phrase so a server can load the key unattended; this assumes an RSA key (use openssl ec for EC keys), and the output must be kept mode 600
openssl rsa -in «keyfile-encrypted.enc» -out «keyfile-decrypted.key»
Kdms Team hackers hijack Rapid7 website using faxed DNS change request | Techworld.com.
You are quite literally only as secure as the weakest link in the security chain. In this case a faxed DNS change request was acted on with no verification that the sender had the authority to make it.
Backdoor found in D-Link router firmware code
via Backdoor found in D-Link router firmware code | Techworld.com.
I would recommend that you disable remote management on any of the following D-Link devices: